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DETAILED ACTION 

1 . This action is response to communication: amendment received 05/21/2008. 

2. Claims 1-16 and 47-48 are current pending in this application. Claims 17-46 
have been withdrawn. Claims 47 and 48 are new. 

3. No new IDS has been received. 

Response to Arguments 

Applicant's arguments with respect to the claims have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §112 

4. The previous 112 rejections have been withdrawn in response to applicant's 
amendments and arguments. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1,2,4, 5, and 47 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over the Applicant's Admitted Prior Art (hereinafter the AAPA), and in view 
of Fee US Patent Application Publication 20030041267 (hereinafter Fee). 
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As per claim 1 , the AAPA (used the paragraphs from publication) teaches an 
apparatus comprising instantiating in a managed code to execute with a runtime loader 
(paragraphs 2 and 3 of publication), for executing first and second assemblies of one or 
more files instantiated in the managed code (paragraphs 2, 3, and 5); means for making 
a call for access by the first assembly of one or more files instantiated in the managed 
code to the second assembly of one or more files instantiated in the managed code 
(paragraph 5); and means, based upon an ID for at least one of the first and second 
assembly of one or more files, for determining access privileges of the first assembly of 
the one or more files to the second assembly of one or more files (paragraph 6). 

However, at the time of the invention, the AAPA does not explicitly teach virtual 
machine means. However, this is taught throughout Fee, such as in paragraph 30. 
Further, Fee teaches the use of security policies relating to identifiers such as in 
paragraphs 37, 55, 58, 72. 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the AAPA and the Fee references. One of ordinary skill in the art 
would have been motivated to perform such an addition to dynamically and flexibly 
determine whether an assembly may be trusted with some amount of access to the 
user's system. (Fee paragraph 8). 

As per claim 2, the AAPA teaches wherein the identity may be a user ID 
(paragraph 6). Further, Fee teaches user based security policies, such as in 
paragraphs 37, 55, 58, and 72. 
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As per claim 4, Fee teaches wherein the means for determining access privileges 
further comprise: means for preventing the access of the first assembly to the second 
assembly when the determination based upon the ID for at least one of the first and 
second assemblies is unfavorable based upon predetermined criteria for the respective 
IDs (paragraphs 34, 42, 54, 64, 67, 68, and also AAPA paragraphs 4 and 6). 

As per claim 5, Fee teaches wherein the means for determining access privileges 
further comprises: means for preventing the access of the first assembly to the second 
assembly when the ID for the first assembly does not match the ID for the second 
assembly based upon a predetermined match criteria for the respective IDs (paragraphs 
34, 42, 54, 64, 67, 68, and also AAPA paragraphs 4 and 6). 

Claim 47 is rejected using the same basis of arguments used to reject claim 1 

above. 

7. Claims 3, 7, 14, 15, 16, and 48 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over the AAPA and Fee combination as applied above, and further in view 
of Bromley et al. US Patent No. 7,266,677 (hereinafter Bromley). 

As per claim 3, Fee teaches an execution engine means, in a native code 
portion, for executing the virtual machine means in runtime (abstract, paragraph 9, 25, 
31), means, in a native code portion, for providing an operating system to be executed 
with the virtual machine means (paragraph 30, 31 , and 33). For further details on 
"native" code, which is also known as machine code or assembly code, Bromley 
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teaches these limitations, such as in col. 3 line 60-col. 4 line 4;col. 11 line 52 to col. 12 
line 15; col. 12 line 35-col. 12 line 52; col. 12 line 45 to col. 13 line). 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the teachings of the AAPA combination with Bromley. One of 
ordinary skill in the art would have been motivated to perform such an addition to allow 
flexibility in systems, as it allows systems to communicate with each other when they 
operate in different operating environments (col. 2 lines 21-37). The references deal 
with communications across different networks that utilize assemblies. 

As per claim 7, Fee teaches the means for determining access privileges further 
comprising means for permitting the access of the first assembly to the second 
assembly when the ID for the first assembly matches the ID for the second assembly 
based upon a predetermined match criteria for the respective IDs (paragraphs 34, 42, 
54, 64, 67, 68, and also AAPA paragraphs 4 and 665). Bromley teaches wherein the 
assemblies from an intermediate language code and meta data are compiled into native 
code (col. 11 line 53 to col. 12 line 14; col. 12 line 35 to col. 13 line 5). Although 
metadata is not expclitly taught, it would have been obvious and common sense to 
compile all necessary information into native code. Bromley teaches that the necessary 
information is compiled into native code, and thus, it would have been obvious and 
common sense to convert meta data, if needed, into native code as well if this data 
needed to be utilized. A CLR loader is also taught in paragraph 3 of the AAPA. 
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Further, Bromely teaches the means for executing the compiled native code in 
the native code portion, wherein the first assembly accesses the second assembly (col. 
12 lines 1-14, and the accessing of assemblies taught throughout Bromley and Fee). 

As per claim 14, Bromley teaches wherein the execution engine means in the 
native code portion further comprises a compiler to compile each said assembly into 
native code for execution by the native code portion (col. 3 lines 60-col. 4 line 4; col. 1 1 
line 52 to col. 12 line 15; col. 12 line 35 to col. 12 line 52). 

Claim 15 is rejected using the same basis of arguments used to reject claim 7 
above. Further, the AAPA teaches JIT that compilers may be used to compile code. 

As per claim 16, Bromley teaches means, in the native code portion, for forming 
a response to the call. , and means for returning the response to the first assembly in 
the managed code portion (col. 3 lines 60-col. 4 line 4; col. 11 line 52 to col. 12 line 15; 
col. 12 line 35 to col. 12 line 52). 

Claim 48 is rejected using the same basis of arguments used to reject claim 3 

above. 

8. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over the Fee, 
AAPA, and Bromley as applied, and further in view of Segarra et al. US Patent No. 
4,430,699 (hereinafter Segarra). 

As per claim 6, the AAPA combination teaches preventing access of the first 
assembly to the second assembly, but does not explicitly teach wherein the rules are 
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based upon application domains. However, this is taught by Segarra, such as in col. 34 
lines 30-40. 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the Segarra reference with the AAPA combination. One of ordinary 
skill in the art would have been motivated to perform such an addition to allow more 
security options to be available. As multiple systems are communicating with each 
other, it would be obvious to not allow systems with different application domains to 
communicate with each other, as it may lead to security problems. Further, Segarra 
deals with computer networks communicating with one another, and these teachings 
coincide with the teachings of the AAPA and Fee. 

9. Claims 8 and 9 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
the Fee combination as applied above, and further in view of Hardman et al. US Patent 
no. 2004/0059941 (hereinafter Hardman) 

As per claim 8, the Bromley combination does not explicitly teach permitting 
access of the first assembly to the second assembly when a previous said access has 
been permitted. However, this type of access control is well known in the art, and is 
illustrated by Hardman in paragraph 51 . 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the teachings of Hardman with the Fee combination. One of ordinary 
skill in the art would have been motivated to perform such an addition to save time. As 
a user has already been authenticated once, it would not always be necessary to 
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authenticate the user again once he's been authenticated. This would save time and 
processing speed. These type of access controls are well known in the art. Further, it 
teaches in paragraph 10 that it would be beneficial to provide one-time authorization 
and access to systems. 

As per claim 9, Hardman teaches wherein the previous said access had been 
permitted following a prior said determination that was favorabe based upon a 
predetermined comparison criteria for the respective IDs (paragraph 26). 

10. Claims 10-12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
The Fee combination as applied above, and further in view of Borza US Patent No. 
6,076,167 (hereinafter Borza) 

As per claim 10, means for compiling at least one of the first and second 
assemblies into native code is taught by Bromley, such as in col. 12 as described 
earlier. Further, permitting the means for compiling to compile at least one of the first 
and second assemblies into native code is taught by Bromley in col. 12 lines 35-col. 13 
line 5. However, at the time of the invention, the Bromley combination does not 
explicitly teach accuracy means, prior to the means for determinig access privileges, for 
determining whether the ID is accurate for the first and second assemblies. However, 
checking accuracy means before determining privileges and delying the determiniation 
until the ID is accurate is taught in Borza col. 12 lines 45-55. 

At the time of the invention, it would have been obvious to implement the ideas 
taught by Borza with the Fee combination. One of ordinary skill in the art would have 
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been motivated to perform such an addition to provide a method for securely 
transmitting data and for securely transmitting data across a network taht is capable of 
real time modification in order to increase security (col. 2 lines 1-7). 

As per claim 1 1 , the combination of Borza with the Bromley combination teaches 
these limitations of the claims. Fee and the APPA teaches that the assemblies are 
able to communicate after IDs are checked and accurate, as seen in the arguments 
above.. Bromley then teaches that the code is compiled into native code for runtime in 
col. 12 lines 1-14 and col. 12 lines 40-67. Also shown in col. 13 lines 15-24. 

As per claim 12, Borza teaches in col. 12 lines 45-55 that the ID's must be 
accurate before proceeding to access privileges. Therefore, since access privileges are 
halted, all other steps subsequently following it must halt as well, which would halt the 
system before it would run. 

1 1 . Claim 13 is rejected under 35 U.S.C. 103(a) as being unpatentable over the Fee 
combination as applied above, and further in view of Rompaey et al. US Patent No. 
5,870,588 (hereinafter Rompaey). 

As per claim 13, the Fee, AAPA, and Bromley combination teach the compilers 
and metadata, as seen in the rejection for claim 7 above. However, the combination 
does not teach all the limitations of this claim. These limitations are taught by the 
Rompaey reference, in combination with the Fee, AAPA, and Bromley references. 
Rompaey teaches this, such as in col. 5 lines 28-54. 
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At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the references of Rompaey with the Fee combination. One of 
ordinary skill in the art would have been motivated to perform such an addition to 
provide synthesis tools to allow code to run independently of their design environments. 
Col. 5 lines 45-55. 



Conclusion 

12. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
13. 
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14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JASON K. GEE whose telephone number is (571)272- 
6431 . The examiner can normally be reached on M-F, 7:00 am to 4:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571 ) 272-381 1 381 1 . The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Jason Gee /ELLEN TRAN/ 

Patent Examiner Primary Examiner, Art Unit 21 34 

Technology Center 2100 

07/29/2008 



